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REMARKS/ARGUMENTS 

Specification 

The office action objects to the specification as failing to provide proper 
antecedent basis for the claimed subject matter, and required correction for "[a] computer 
readable medium having code to perform a computer implemented method". Although 
applicants believe that such medium is found in the disclosure portion of the 
specification, applicants have amended the specification to comply with the requirement, 
without adding new matter. See 37 CFR 1.118. 

Section 101 

The office action has rejected claims 98-104 as being directed to non-statutory 
subject matter. The applicants respectfully disagree with this view, in that physical, 
tangible changes result from the implementation of the claimed method. Particularly, the 
generation, storage and alteration of computer files resident within computer readable 
media, and the display of the interface on a monitor. Claim 98 has been amended to 
make more clear that diese steps involve physical changes and yield a tangible result. 

Section 102(b) 

The office action has rejected independent claim 98 under 35 U.S.C. 102(b) as 
being anticipated by Bapat (U.S. Pat. No. 6,038,563). Claim 98 has been amended to 
help clarify the exact bounds of the invention. 

For a prior art reference to anticipate in terms of 35 U.S.C. § 102, anticipation 
requires the presence in a single prior art reference disclosure of each and every element 
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of the claimed invention, arranged as in the claim. Lindemann Maschinenfabrik GMBH 
v. American Hoist and Derrick Co., 730 F.2d 1452, 1458 (Fed. Cir. 1984). Applicants 
respectfully points out that Bapat does not disclose each and every element of the claimed 
invention, arranged as in the claim, and that the office action's reference changes that 
could be made by a person of ordinary skill in the art is not relevant to a 102 rejection. 

The office action cites the log server 290 of Bapat as disclosing the limitation 
registering a listener agent with the console. The following limitation, registering a 
listener agent with the console, is cited to a set of filters 291, 294 in the log server 290. 
Applicants respectfully disagree with this assessment. The listening agent is installed on 
the server hosting the database, i.e., at the application level where the present invention 
operates. Bapat discloses that the "log server" 290 is a software entity or process that 
inns on the same computer or computer node as the MIS. Col. 16, lines 55-66. The 
"MIS" is the "management information server" 150 that "receives all managed object 
access requests 120, and distributes each request, or portions of the request, to a set of 
auxiliary servers 152 in accordance with the portion(s) of the managed object tree 
referenced by the request." Bapat, col. 6, lines 54-60. Thus, the MIS of Bapat, which 
contains the "log server", is not installed on the server hosting the database, as required 
by the claims, but is a remote, dedicated server (appropriate for monitoring at the network 
level), but incompatible with the operation of the present invention. 

For the next limitation, establishing a secure connection between the console and 
the listener agent, Bapat Figure 3 is cited. However, applicant cannot discern in Figure 3 
any structure corresponding to the cited disclosures concerning the log server and filters. 
The office action further directs the applicants to Bapat Fig. 9, for a set of filters 291, 294 
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in the log server 290 which determines which event notifications are stored. The office 
action further states that "Accordingly, it is noted that wherein the filter (i.e. the listener 
agent) is installed on the log server (i.e. the server hosting the database) and wherein the 
log server is a part of the MIS, the log server would inherently have established a secure 
connection between the MIS (i.e. the console) and the filter." Applicants note that the 
principle of inherency applies only when the subject matter happens each and every time 
(i.e., inherently) not when something may be present. There is nothing to suggest that a 
secure connection is established each and every lime. Applicants believe that the 
disclosed structure of Bapat does not anticipate the limitations concerning the listener 
agent and its relationship with the console. 

The next limitation, configuring the listener agent with a first set of rules having a 
set of security attributes, is cited to Bapat's filter 291 passing "access grant" and "access 
denial" event notifications generated by the MIS. Applicant does not believe that the 
limitation reads on the cited portion of Bapat, or that the listener agent of the present 
invention is a log server with filters, nor that the log server of Bapat is hosted on the same 
computer as the subject database, for monitoring at the application level. What may or 
may not be obvious to a person having ordinary skill in the art is irrelevant to a rejection 
for anticipation. 

The next limitation, installing a collector agent to be in communication with the 
listener agent for collecting a plurality of database events, the office action again cites the 
language of Bapat that the filter 291 passes "access grant" and "access denial" event 
notifications generated by the MIS. Again, the MIS of Bapat is the management 
information server, not the collector agent or listener agent. The database events of the 
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subjeci process are not event notifications, nor are they generated at the console or 
network level. Applicant does not believe that collecting events through a collector and 
listener is met by Bapat's passing access grant and access denial event notifications. 

The next limitation, deconstructing the plurality of database events into a plurality 
of atomic messages, is cited to user queries requesting information from tables to which 
the user does not have access rights are rejected by the SQL engine. Applicant does not 
see how this claim step of deconstructing is met by rejection by the SQL engine for users 
without access rights. 

The next limitation, analyzing the plurality of atomic messages for compliance 
wiili the first set of rules, the office action cites Bapat for a security alarm log 293 that is 
separate from the security audit trail 192, where security alarms are generated and stored 
in the log only when there is a denial of object access. Applicant respectfully suggests 
that the step of analyzing a plurality of atomic messages clearly is not met by a security 
alarm log. The office action further states that "it would have been obvious to one of 
ordinary skill in the art that the console operator would receive a notification (i.e. a 
signal) thai a database event did not comply with a set of rules " OA at p. 10. Again, an 
obviousness standard is not proper in the context of a 102 rejection. 

The next limitation, executing compliant database events, depends on the 
term ""compliant" in the context of analysis of atomic messages. The cited section of 
Bapat merely states the object of every security system, i.e., that access rights are granted 
only when the user has appropriate access rights. This is consonant with the purpose of 
Bapat, to monitor at the entrance level, but not with the present invention, which 
monitors events at the database application level. The applicants respectfully disagree 
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with the statement in the office action that "compliant" as per atomic messages is not in 
the claim(s). Claim 98 specifically states the steps of (1) analyzing the plurality of 
atomic messages for compliance with the first set of rules; and (2) executing compliant 
database events (emphasis added). 

The next limitation, sending a signal to a console operator when a database event 
is not compliant with the first set of rules, is cited to Bapat' s disclosure that if a match is 
found, the request is denied, and a response is returned to the initiator if appropriate. 
Again, applicant does not see a signal being sent to a console operator when an event is 
not compliant with a first set of rules. 

The next limitation, allowing a console operator to create exceptions when signals 
are sent by the listening agent, is cited to users authorized to modify the access control 
tree. The statement in Bapat that someone is authorized to modify the access control tree 
is not the step of allowing a console operator to create exceptions when signals are sent 
by the listening agent. Whether the invention of Bapat may be customized does not 
disclose this process step. 

The next limitation, updating the first set of rules with the exceptions created by 
the console operator, is cited to users authorized to modify the access control tree. The 
limitation is a step; updating the rules created by the console operator. The Bapat 
disclosure merely states that there are users authorized to modify the access control tree. 
This does not meet the limitation of the instant process step. 

The next and last limitation, storing the signals received by the console operator 
in a data file residing with the console, is cited to the deny/grant decision for each access 
reauest mav be stored in a securitv miHit trail Thr. oitftH r>mtirm rtf^nat Hnp? nr»r 



